Facebook experience cuts both ways for AG candidate

Chris Kelly made a relatively abrupt entry into California politics. The former Facebook executive decided to run for attorney general less than a year ago and since then has pumped nearly $10 million into his largely self-financed campaign.

High-tech politicians are not much of a novelty these days, especially in California’s June primary. Carly Fiorina, a Republican Senate candidate, served as chief executive of Hewlett-Packard, the hardware giant founded in 1939 in a Palo Alto garage. And Meg Whitman and Steve Poizner, Republican gubernatorial candidates, both led companies that came out on the right side of the 1990s dot-com boom.

But whereas Fiorina and Whitman in particular have drawn on their corporate backgrounds to craft images as experienced executives, Kelly, a Democrat, springs from a corner of the technology world only now beginning to flex its political muscle: the young, trendy social media companies that are starting to define the newest generation of Silicon Valley.

The lightly regulated world of social media has created high-profile privacy and security controversies for companies like Facebook, Google and others that collect and disseminate massive amounts of personal data from millions of users worldwide.

Bringing order to that Wild West environment has given candidates like Kelly, formerly Facebook’s chief privacy officer, a chance to work on policymaking long before they hold elected office. But social media companies like Facebook also sit at the heart of intense debates over online privacy.

Kelly’s campaign will be a litmus test for how these privacy issues resonate with the public in the political arena, and also for how the strengths and vulnerabilities of a background in social media companies confers on other executives who may consider running for public office.

In Kelly’s case, the office he seeks throws the questions into particularly high relief.

“The irony here is that he’s running for A.G., which presumably among other things is supposed to protect privacy and civil liberties,” said Larry Gerston, a political science professor at San Jose State University, “and he comes from an environment that opens all that stuff up.”

In many ways, Kelly typifies the youth and ambition that characterize startup culture. A 39-year-old, Harvard-educated attorney, he worked during his 20s as an aide in Bill Clinton’s presidential campaign and later moved back home to Silicon Valley to advise startups on privacy and intellectual property law.

He began his job as general counsel and chief privacy officer at Facebook in 2005, where he was quickly tasked with sorting out privacy and security concerns for the site’s rapidly growing user base, which grew from 5.5 million in 2005 to 400 million earlier this year. Kelly has often made the case that his work prepared him for the job he is now seeking, saying in an interview that he was grateful to “work on these issues as the Internet was moving in a different direction.”

Much of that work involved collaborating with privacy regulators, including a nationwide group of attorneys general and officials overseas, to establish safeguards related to privacy and sexual predators.

Those issues overlap with the responsibility of the California attorney general’s office, which also investigates identity theft and can influence policy related to online crime — concerns Facebook has dealt with firsthand.

The company notably took its lumps in 2007, when an undercover investigation by the office of the New York attorney general, Andrew Cuomo, found that the site lagged in responding to complaints about sexual predators and failed to filter pornographic content, despite making claims to the contrary.

During the sting, investigators crafted a suggestive conversation between a fake sexual predator and a fake 13-year-old girl, then, as the girl’s mother, filed complaints about the exchange.

It took Facebook at least 10 days to respond. Cuomo’s office filed a subpoena and warned that the company could face consumer fraud charges for exaggerating the effectiveness of its security measures.

Facebook settled the case within three weeks, agreeing to speed its response time for complaints about sexual content and harassment. Cuomo praised Facebook’s cooperation, as did advocacy groups with a stake in the issue.

In an interview, Kelly acknowledged that Facebook’s transformation from college curiosity to worldwide phenomenon at times left the company struggling to address problems.

“With the rapid growth, we were actually frustrated at times with the level of response to the complaints we had,” he said.

Still, he has framed the case as a victory, highlighting Facebook’s quick reaction and subsequent collaboration with Cuomo’s office to craft laws making it easier to track and regulate sex offenders online.

Victims rights groups involved in the issue gave Facebook credit as well, emphasizing the company’s response rather than its failure to prevent the incidents in the first place.

In recent weeks, Kelly’s opponents — particularly the campaign of Kamala Harris, San Francisco district attorney — have questioned whether Kelly has implicitly acknowledged vulnerabilities by distancing himself from his role in Facebook’s major privacy decisions, a contention the Kelly campaign denies.

Kelly has styled his profession as “Attorney/Businessman” on the ballot and in recent months has favored more general titles like “legal counsel” in press releases and political ads when describing his duties at Facebook, rather than “Chief Privacy Officer,” which he often used earlier in the campaign.

Kelly said the shift reflects the campaign’s efforts to align his public descriptions with his official ballot designation. Ballot designations cannot contain company names and are typically limited to three words, which would prohibit a title like “Facebook Chief Privacy Officer.”
Lawsuits and public complaints about Facebook’s privacy changes have made headlines for years, and this campaign season has been no different.

Last month, several United States senators, including Charles Schumer, Democrat of New York, sent a letter to Facebook expressing concerns over how new developments at the company could expose users’ personal data to third-party websites without the users’ consent.The Kelly campaign pivoted quickly, releasing a statement to separate him from the controversy.

“Facebook’s recent changes to its privacy policy and practices with regard to data sharing occurred after I left the company,” Kelly’s statement reads. “I strongly encourage Facebook to structure all its programs to allow Facebook users to give permission before their information is shared with third parties.”

Even during Kelly’s tenure, Facebook was no stranger to privacy controversies, both in the United States and abroad.

Last summer, for example, Canada’s Privacy Commissioner, Jennifer Stoddart, released a statement raising concerns over how the site shares personal information.

“It’s clear that privacy issues are top of mind for Facebook, and yet we found serious privacy gaps in the way the site operates,” Stoddart said in a July 2009 statement.

Kelly said many of the complaints Facebook has received about privacy issues reflect a disconnect between the privacy views of regulators and those held by the company.

Regulators, he said, often see privacy as tantamount to secrecy, arguing that personal information should be closed. Facebook’s philosophy, and his own, is that sharing some information is beneficial as long as it is properly controlled.

“There are quite a number of regulators around the world,” Kelly said, “who don’t have that perspective.”